| oerheks | uh oh .. https://aepicleak.com/ | 00:16 |
|---|---|---|
| arraybolt3[m] | Ah, yet another cataclysmic CPU failure. I'm starting go get tired of this insanity. | 00:22 |
| arraybolt3[m] | s/failure/vulnerability | 00:22 |
| oerheks | also ZEN 1/2/3 are bad .. | 00:22 |
| oerheks | what is left, ARM ? | 00:23 |
| oerheks | too many, too soon CPU's hit the market. | 00:24 |
| arraybolt3[m] | Even ARM got hit with Meltdown in at least one of their CPUs. I think we have to just accept that CPUs are vulnerable and that microcode updates need to be applied the moment they become available. | 00:24 |
| oerheks | jups | 00:24 |
| oerheks | https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1039 | 00:25 |
| * arraybolt3[m] wonders just how many cracks in the armor my 3rd gen i5 is riddled with | 00:25 | |
| arraybolt3[m] | Does Intel still release microcode updates for discontinued processors? | 00:25 |
| arraybolt3[m] | I think they do, so hopefully I'm all patched up. | 00:25 |
| oerheks | i run i7 4790 .. | 00:25 |
| oerheks | 4th gen | 00:26 |
| arraybolt3[m] | The best one I've got is a 3rd or 4th gen Xeon. | 00:26 |
| tomreyn | grep . /sys/devices/system/cpu/vulnerabilities/* | 00:56 |
| tomreyn | https://github.com/speed47/spectre-meltdown-checker.git | 00:56 |
| arraybolt3[m] | tomreyn: Oh lovely, looks like I can be pwned with srbds, l1tf, or mds. | 00:57 |
| tomreyn | arraybolt3[m]: did you switch off mitigations? | 00:58 |
| arraybolt3[m] | tomreyn: Nope, I've got lots of other mitigations on. | 00:58 |
| arraybolt3[m] | tomreyn: L1TF and MDS are problematic because I have hyper-threading enabled, while SRBDS is just straight-up vulnerable (no microcode it say). | 00:59 |
| tomreyn | intel-microcode package is installed? | 00:59 |
| arraybolt3[m] | tomreyn: Yep. | 01:02 |
| tomreyn | the meltdown-checker script can give you a better interpretation and better explanations. it's also in ubuntu (in an older version) | 01:02 |
| tomreyn | some older cpu's did not get microcode fixes indeed | 01:02 |
| arraybolt3[m] | (Your CPU microcode may need to be updated to mitigate the vulnerability) yep, no kidding. But I'm updated. So I guess this system is shot from a CPU security standpoint. | 01:05 |
| arraybolt3[m] | Also some of the vulns say "Not vulnerable, this system is not running a hypervisor." ROFL so what is GNOME Boxes then? | 01:05 |
| arraybolt3[m] | So... yikes. Guess I'd better not run untrusted stuff even in a VM. | 01:06 |
| arraybolt3[m] | (Which thankfully I've not done yet, but still, that's a bit unnerving.) | 01:06 |
| sarnold | btw, js in a web browser counts as 'untrusted' | 01:08 |
| lotuspsychje | good morning | 02:21 |
| marcoagpinto | heya | 04:01 |
| === Probie9681 is now known as Probie968 | ||
| tomreyn | ravage: btw. MICROburst moved to getting help with whatever it may be they are trying to do in #ubuntu-de | 16:46 |
| tomreyn | i'm guessing their goal was to change $PS1 | 16:49 |
| ravage | ok then :) | 16:49 |
| === Probie9685 is now known as Probie968 | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!